WatchGuard System Manager User Guide. WatchGuard System Manager v8.0

Size: px
Start display at page:

Download "WatchGuard System Manager User Guide. WatchGuard System Manager v8.0"

Transcription

1 WatchGuard System Manager User Guide WatchGuard System Manager v8.0

2 Notice to Users Information in this guide is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of WatchGuard Technologies, Inc. Copyright, Trademark, and Patent Information Copyright WatchGuard Technologies, Inc. All rights reserved. Complete copyright, trademark, patent, and licensing information can be found in the appendix of this User Guide. All trademarks or trade names mentioned herein, if any, are the property of their respective owners. Management Software: 8.0 Appliance Software: WFS 7.4 and Fireware Pro 8.0 Document Version: ADDRESS: 505 Fifth Avenue South Suite 500 Seattle, WA SUPPORT: U.S. and Canada All Other Countries SALES: U.S. and Canada All Other Countries ABOUT WATCHGUARD WatchGuard is a leading provider of network security solutions for small- to midsized enterprises worldwide, delivering integrated products and services that are robust as well as easy to buy, deploy and manage. The company s Firebox X family of expandable integrated security appliances is designed to be fully upgradeable as an organization grows and to deliver the industry s best combination of security, performance, intuitive interface and value. WatchGuard Intelligent Layered Security architecture protects against emerging threats effectively and efficiently and provides the flexibility to integrate additional security functionality and services offered through WatchGuard. Every WatchGuard product comes with an initial LiveSecurity Service subscription to help customers stay on top of the security landscape with vulnerability alerts, software updates, expert security instruction and superior customer care. For more information, please call (206) or visit ii WatchGuard System Manager

3 Contents CHAPTER 1 Getting Started...1 About WatchGuard System Manager...1 About Hardware and Appliance Software...2 Upgrading the appliance software...2 Installing WatchGuard System Manager...2 Installation requirements...3 Collecting network information...3 Selecting a firewall configuration mode...4 Selecting where to install server software...5 Setting up the management station...5 Backing up your previous configuration...6 Using the Quick Setup Wizard...6 Putting the Firebox into operation on your network...6 Setting Up Your Management Server...6 Management Server passwords...7 Using the Management Server Setup Wizard...7 After Your Installation...8 Align your security policy...8 Features of the LiveSecurity Service...8 Installation Topics...8 Installing WatchGuard Servers on computers with desktop firewalls...8 WFS appliance software configuration modes...9 Adding secondary networks to your configuration...11 Dynamic IP support on the external interface...11 Entering IP addresses...12 Installing the Firebox cables...13 CHAPTER 2 Service and Support...15 LiveSecurity Service Solutions...15 User Guide iii

4 LiveSecurity Service Broadcasts...16 Activating the LiveSecurity Service...17 LiveSecurity Service Self Help Tools...17 WatchGuard Users Forum...19 WatchGuard Users Group...19 Online Help...19 Starting WatchGuard Online Help...19 Searching for information...20 Copy the online help system to more computers...20 Product Documentation...20 Technical Support...20 LiveSecurity Service Technical Support...21 LiveSecurity Gold...21 Firebox Installation Service...21 VPN Installation Service...22 Training and Certification...22 CHAPTER 3 Monitoring Your Network...23 Starting WatchGuard System Manager...23 About the WatchGuard System Manager Window...23 Connecting to a Firebox...24 Connecting to a Server...25 Seeing Information about Devices...25 Connection status...27 Seeing Information on Log Servers...27 Monitoring VPNs...28 About the WatchGuard Toolbar...29 Starting Security Applications...29 CHAPTER 4 Setting Up Logging and Notification...31 Setting Up the Log Server...31 Changing the Log Server encryption key...33 Setting Global Logging and Notification Preferences...33 Log file size and rollover frequency...33 Setting the interval for log rollover...34 Scheduling log reports...34 Controlling notification...35 Starting and stopping the Log Server...35 CHAPTER 5 Reviewing and Working with Log Files...37 Types of Log Messages...37 Log File Names and Locations...38 Starting LogViewer...38 iv WatchGuard System Manager

5 LogViewer Settings...40 Changing LogViewer settings with Fireware appliance software...40 Changing LogViewer settings with WFS appliance software...41 Using LogViewer...42 Creating a Search Rule...42 Searching in LogViewer...43 Viewing the current log file in LogViewer...43 Copying LogViewer data...43 Consolidating log files...44 Updating.wgl log files to.xml format...44 CHAPTER 6 Generating Reports of Network Activity...47 Creating and Editing Reports...47 Starting a new report...48 Editing an existing report...49 Deleting a report...49 Viewing the reports list...49 Specifying a Report Time Interval...49 Specifying Report Sections...50 Consolidating Report Sections...50 Setting Report Properties...51 Exporting Reports...52 Exporting reports to HTML format...52 Exporting reports to NetIQ format...52 Using Report Filters...53 Creating a new report filter...53 Editing a report filter...54 Deleting a report filter...54 Applying a report filter...54 Running Reports...54 Report Sections and Consolidated Sections...54 Report sections...55 Consolidated sections...57 CHAPTER 7 Managing Certificates and the Certificate Authority...59 Public Key Cryptography and Digital Certificates...59 PKI in a WatchGuard VPN...59 MUVPN and certificates...60 Managing the Certificate Authority...60 Managing certificates with the CA Manager...61 CHAPTER 8 Managing the Firebox X Edge and Firebox SOHO Importing Certificates...63 Microsoft Internet Explorer 5.5 and User Guide v

6 Netscape Communicator Netscape Managing the Firebox X Edge or SOHO Device...65 Removing Certificates...66 Microsoft Internet Explorer 5.5 and Netscape Navigator Netscape APPENDIX A Copyright and Licensing...69 Licenses...72 SSL Licenses...72 Apache Software License, Version 2.0, January PCRE License...76 GNU Lesser General Public License...77 GNU General Public License...81 Sleepycat License...85 APPENDIX B WatchGuard File Locations...87 General File Locations...87 Default File Locations...88 Index vi WatchGuard System Manager

7 CHAPTER 1 Getting Started Historically, organizations used many tools, systems, and personnel to control the security of their networks. Different computer systems controlled access, authentication, virtual private networking, and network control. These expensive systems are not easy to use together or to keep up-to-date. WatchGuard System Manager (WSM) supplies an integrated solution to manage your network and control security problems. This chapter tells you how to install WatchGuard System Manager into your network. About WatchGuard System Manager WatchGuard System Manager (WSM) gives you an easy and efficient way to manage your network security. Use one computer as a management station to show, manage, and monitor all the Fireboxes in your network. WSM gives support for mixed environments. You can manage Firebox III and Firebox X devices that use different versions of appliance software. You can also manage Firebox X Edge devices. WSM has three servers that do Firebox management functions: WatchGuard Management Server The WatchGuard Management Server operates on a Windows computer. With this server, you can manage all Firewall devices and create VPN tunnels using a simple drag-and-drop function. The basic functions of the Management Server are: - Centralized management of VPN tunnel configurations - The certificate authority for distributing certificates for IPSec tunnels - Protocol translation in support of the WatchGuard SOHO and Firebox X Edge products Log Server The Log Server collects logs from each WatchGuard Firebox. The native storage format is XML (plain text) for easy troubleshooting and reporting. Among the information collected from firewall devices are traffic logs, event logs, alarms, and diagnostic messages. WebBlocker Server The WebBlocker Server operates with the Firebox HTTP proxy to deny user access to applicable Web sites. The administrator sets the categories of permitted Web sites during User Guide 1

8 About Hardware and Appliance Software Firebox configuration. The HTTP proxy on the Firebox then works with the WebBlocker Server to find if a Web site is in a category that is not allowed. About Hardware and Appliance Software Appliance software is a software program or operating system that is permanently kept on your hardware. The Firebox uses the appliance software with the configuration file to operate. When you upgrade your Firebox device, you write a new version of the appliance software to its memory. Although each Firebox model is loaded with a default appliance software type, you can upgrade the appliance software independently of the hardware. Two types of appliance software are available to WatchGuard customers: WatchGuard Firebox System (WFS) This is the default appliance software on Firebox III and Firebox X Core devices. It is the standard version of the appliance software successfully used by WatchGuard customers since 1998, with several new enhancements added. Fireware Pro This is the default appliance software on Firebox X Peak devices. If you have a Firebox X Core, you can purchase a Fireware upgrade. This software has the following advanced features for more complex networks: - Signature-based IDP - Gateway AntiVirus for - Advanced networking options including QoS, dynamic routing, and support for multiple WAN interfaces When you install WatchGuard System Manager, it automatically installs the software tools you must have to configure and manage a Firebox with any type of appliance software. These include: Firebox System Manager Policy Manager HostWatch When you add a Firebox to be managed by WSM, the software automatically identifies which appliance software the Firebox uses. If you select the Firebox and then click an icon on the toolbar, it automatically starts the correct management tool. For example, if you add a Firebox X700 operating with WFS appliance software to the Devices tab of WFS and then click the Policy Manager icon on the WSM toolbar, Policy Manager for WFS automatically starts and opens the configuration file. However, if you add a Firebox X700 operating with Fireware appliance software and click the Policy Manager icon, Policy Manager for Fireware starts instead. Upgrading the appliance software If you have a Firebox X Core, the WFS appliance software is loaded on the box. Or, you can purchase an upgrade to Fireware Pro. See the Migration Guide for information on upgrading from WFS to Fireware Pro. Installing WatchGuard System Manager Note This installation procedure is for new installations only. If you have an earlier version of WatchGuard System Manager, use the upgrade procedure in the Migration Guide. 2 WatchGuard System Manager

9 Installing WatchGuard System Manager WatchGuard System Manager includes firewall appliance software and management software to protect your network from attack. You put the Firebox between the Internet and your trusted computers. You then use the software installed on the management station to configure and to monitor your Firebox. To install the WatchGuard System Manager software, you must: Collect your network addresses and information Select a network configuration mode, if you are using WFS appliance software only. This step is not necessary if you use Fireware appliance software. Select to install the Management Server, Log Server, and WebBlocker Server on the same computer as your management software, or on a different computer. Configure the management station Use the Quick Setup Wizard to make a basic configuration file Put the Firebox into operation on your network Note This chapter gives the default information for a Firebox with a three-interface configuration. If your Firebox has more interfaces, use the same configuration tools and procedures as the instructions for the optional interface to configure the other interfaces. Installation requirements Before you install WatchGuard System Manager, make sure that you have these items: WatchGuard Firebox security device WatchGuard System Manager CD-ROM A serial cable (blue) Three crossover Ethernet cables (red) Three straight Ethernet cables (green) Power cable LiveSecurity Service license key Collecting network information License Keys Collect your license key certificates. WatchGuard System Manager comes with a LiveSecurity Service key that enables your subscription to the LiveSecurity service. For more information about this service, see the Service and Support chapter in this guide, You get the license keys for any optional products when you purchase them. For more information about optional products, see the Configuration Guide for your version of appliance software. Network addresses We recommend that you make two tables when you configure your Firebox. Use the first table for your network IP addresses before you put the Firebox into operation. WatchGuard uses slash notation to show the subnet mask. User Guide 3

10 Installing WatchGuard System Manager 1Network IP Addresses Without the Firebox Wide Area Network Default Gateway Local Area Network Secondary Network (if applicable) Public Server(s) (if applicable)... / /... / Use the second table for your network IP addresses after you put the Firebox into operation. External interface Connects to the external network (typically the Internet) that is the security problem. Trusted interface Connects to the private LAN or internal network that it is necessary to protect. Optional interface(s) Usually connects to the DMZ or the mixed trust area of your network. The number of optional interfaces on your Firebox depend on the model you have purchased. Use optional interfaces to create zones in your network with different levels of access. Usually, you install the Web, , and FTP servers on an optional interface. 2Network IP Address With the Firebox Default Gateway External Network Trusted Network Optional Network Secondary Network (if applicable) /... /... /... / Selecting a firewall configuration mode Fireware appliance software users must use a routed firewall configuration mode. If you use WFS appliance software, you must make a decision on how to install the Firebox into your network before you install WatchGuard System Manager. This decision controls the configuration of the Firebox interfaces. To install the Firebox into your network, select the configuration mode routed or drop-in that matches the needs of your current network. For more information on finding which configuration mode to use with WFS appliance software, see WFS appliance software configuration modes on page 9. 4 WatchGuard System Manager

11 Installing WatchGuard System Manager Selecting where to install server software During installation, you can select to install the management station and three WatchGuard System Manager Server components on the same computer. Or you can use the same installation procedure to install the server components on other computers. To decide, you must examine the capacity of your management station and select the installation method that best matches your needs. If you install the Management Server, Log Server, or WebBlocker Server on a computer with an active desktop firewall other than Windows Firewall, you must open the ports necessary for the servers to connect through the firewall. Windows Firewall users do not have to change their desktop firewall configuration. See Installing WatchGuard Servers on computers with desktop firewalls on page 8 for more information. Setting up the management station The management station runs the System Manager software. This software shows the traffic through the firewall. System Manager also shows connection and tunnel status. The WatchGuard Log Server records information it receives from the Firebox. You can get access to this data using tools on the management station. Select one computer on your network as the management station and install the management software: 1 Insert the WatchGuard System Manager CD-ROM in the CD drive of your computer. If the installation wizard does not appear automatically, double-click install.exe in the root directory of the CD. 2 Click Connect to LiveSecurity on the WatchGuard System Manager Installation screen. This starts your Web browser and connects your computer to the WatchGuard Web site. If you do not have an Internet connection, install the software from the CD-ROM. If you use this procedure, you cannot get support, strong encryption, or VPN functions until you enable the LiveSecurity Service. 3 Use the instructions on the screen to start your LiveSecurity Service subscription. 4 Download the WatchGuard System Manager software. The speed of your Internet connection controls the time to download the software. Make sure that you write down the name and the path of the file when you save it to your hard drive. 5 When the download is complete, open the file and use the instructions on the screens to help you through the installation. The Setup program includes a screen in which you select the components of the software or the upgrades to install. A different license is necessary when you install some software components. Note If your management station is already operating with a Windows toolbar, some users can find it necessary to stop and restart the toolbar before you can see the new toolbar components installed for the WatchGuard Management System. 6 At the end of the installation wizard, a check box appears that you can select to start the Quick Setup Wizard. Make sure you install the cables to your Firebox before you start the Quick Setup Wizard. Software encryption levels The management station software is available in two encryption levels. Base Uses 40-bit encryption Strong Uses 128-bit 3DES encryption A minimum of 56-bit encryption is necessary for the IPSec standard. To use virtual private networking with IPSec you must download the strong encryption software. User Guide 5

12 Setting Up Your Management Server Strong export limits apply to the strong encryption software. It is possible that it is not available for download. Backing up your previous configuration If you have an earlier version of WatchGuard System Manager, you must make a backup of your security policy configuration before you install a new version. For instructions on creating a backup of your configuration: If you are upgrading to a newer version of the WFS appliance software, refer to the Upgrade Guide. If you are moving from WFS to Fireware appliance software, refer to the Migration Guide. Using the Quick Setup Wizard After you configure the management station, install the Firebox cables, and (if applicable) make a back up of your previous configuration, use the Quick Setup Wizard to make a basic configuration file. The Firebox uses this basic configuration file when it starts for the first time. This enables the Firebox to operate as a basic firewall. After the Firebox is configured with this basic configuration, you can use Policy Manager to expand or change the Firebox configuration. The Quick Setup Wizard uses a device discovery procedure to find the Firebox X model you are configuring. This procedure uses a UDP broadcast. Software firewalls, including the firewall in Microsoft Windows XP SP2, can cause problems with the discovery procedure. You can start the Quick Setup Wizard from the Windows desktop or from System Manager. The instructions in the wizard help you through the procedure. From the desktop, select Start > Programs > WatchGuard System Manager 8 > Quick Setup Wizard. Or, from System Manager, select Resources > Quick Setup Wizard. Putting the Firebox into operation on your network You have completed the installation of your Firebox. You can use the Firebox as a basic firewall that allows all outgoing traffic. Complete these steps to put the Firebox into operation on your network: Put the Firebox in its permanent physical location. In WatchGuard System Manager, use File > Connect To to connect the management station to the Firebox. If you use a routed configuration, change the default gateway on all computers that you connect to the Firebox trusted IP address. Configure the Log Server to start recording log messages. Open Policy Manager to change the basic configuration to meet your security needs. Setting Up Your Management Server You can select to install the Management Server on the your management station during installation. Or, you can use the same installation procedure to install the Management Server on a different computer. You must install the Management Server software on a computer that is behind a Firebox with a static external IP address. The Management Server does not operate correctly if it is behind a Firebox with a dynamic IP address on its external interface. You use this server to: Start and stop the Management Server Set the server passphrases and license key 6 WatchGuard System Manager

13 Setting Up Your Management Server Set the CRL distribution point and publication period Set the client and root certificate lifetime Launch the CA Web GUI For information on how to set up the other WatchGuard System Manager servers Log Server and Web- Blocker server, see the Working with Log Files chapter in this guide, and the Configuration Guide, respectively. Note If you install the Management Server, Log Server, or WebBlocker Server on a computer with an active desktop firewall other than Windows Firewall, you must open the ports necessary for the servers to connect through the firewall. Windows Firewall users do not have to change their configuration. See the section Installing WatchGuard Servers on computers with desktop firewalls on page 8 for more information. Management Server passwords The WatchGuard Management Server uses passwords to protect sensitive information kept on disk or to secure communications with client systems. Master password This password is used to protect all the passwords that are kept in the password file. You must use it when you move the Management Server data to a new system or when you restore a lost or corrupt master key file. Because you do not frequently use the master password, we recommend that you write it down and lock it in a secure location. The master password is not stored in the password file. An encryption key is derived from the master password and the key data is kept on disk. The default locations for the password file and encryption key are: C:\Documents and Settings\WatchGuard\wgauth\wgauth.ini C:\Documents and Settings\WatchGuard\wgauth\wgauth.key Because these files are used by the Management Server software, you must never change them manually. Admin password The administrator uses the admin password frequently because it is necessary to use it to connect to the Management Server using WatchGuard System Manager. Using the Management Server Setup Wizard 1 Right-click the Management Server icon in the WatchGuard toolbar at the bottom of the screen. 2 Select Start Service. The Management Server setup wizard starts. The instructions in the wizard help you through the procedure. User Guide 7

14 After Your Installation Note the following: When an interface whose IP address is bound to the Management Server goes down and then restarts, we recommend that you restart the Management Server. If you change the computer s IP address, you must remove the Management Server and install it again. After Your Installation You have satisfactorily installed, configured, and put your new WatchGuard System Manager into operation on your network. Here is some more information to think about. Align your security policy Your security policy controls who can get in to your network, where they can go, and who can get out. The configuration file of your Firebox makes the security policy. The configuration file that you make with the Quick Setup Wizard is only a basic configuration. You can make a configuration file that aligns your security policy with your requirements. To do this, add filtered and proxied policies, in addition to the basic policies you are told about in the sections before. These policies expand what you let in and out of your network. Each policy can have an effect on your network. The policies that increase your network security can decrease access to your network. The policies that increase access to your network can decrease your network security. When you select these policies, you must select a range of balanced policies. Your organization and the computer equipment to which you give protection will control your selection. Some policies that organizations usually add are HTTP and SMTP. Usually, for a new installation, we recommend that you use only packet filter policies until all your systems operate correctly. Then, as necessary, you can add proxied policies when you know more about them. For more information about policies, see the Configuration Guide for your version of appliance software. Features of the LiveSecurity Service Your Firebox includes a subscription to our LiveSecurity Service. Your subscription: Makes sure that you get the newest network protection with the newest software upgrades Gives solutions to your problems with full technical support resources Prevents downtime with messages and configuration help to prevent the newest network security problems Helps you to find out more about network security through training resources Extends your network security with included software and other features Installation Topics The following sections give information that you can use while setting up your Firebox. Installing WatchGuard Servers on computers with desktop firewalls Desktop firewalls can block the ports necessary for WatchGuard Server components to operate. Before installing the Management Server, Log Server, or WebBlocker Server on a computer with an active desktop firewall, other than Windows Firewall, you might need to open the necessary ports on the desktop firewall. Windows Firewall users do not need to change their configuration. 8 WatchGuard System Manager

15 Installation Topics This table shows you the ports you must open on a desktop firewall. Server Type/Appliance Software Protocol/Port Management Server TCP 4109, TCP 4110, TCP 4112, TCP 4113 Log Server with Fireware appliance software with WFS appliance software TCP 4115 TCP 4107 WebBlocker Server TCP 5003, UDP 5003 WFS appliance software configuration modes There are two configuration modes available for users with WFS appliance software: a routed configuration or a drop-in configuration. (If you are using Fireware appliance software, drop-in mode is not available.) Many networks operate the best with a routed configuration. But we recommend the drop-in mode if: You have a large number of public IP addresses You have a static external IP address You cannot configure the computers on your trusted and optional networks that have public IP addresses with private IP addresses The table below shows three conditions that can help you to select a firewall configuration mode. We then give more information about each mode. Condition 1 Condition 2 Condition 3 Routed Configuration All interfaces of the Firebox are on different networks. The minimum configured interfaces are external and trusted. Trusted and optional interfaces must be on different networks. The two interfaces must have an IP address on their respective network. Use static NAT to map public addresses to private addresses behind the trusted or optional interfaces. Drop-in Configuration All interfaces of the Firebox are on the same network and have the same IP address (Proxy ARP). The computers on the trusted or optional interfaces can have a public IP address. The machines that have public access have public IP addresses. Thus, no static NAT is necessary. Routed configuration You use the routed configuration when you have a small number of public IP addresses or when your Firebox gets its external IP address using PPPoE or DHCP. This configuration also makes it easier to configure virtual private networks. User Guide 9

16 Installation Topics In a routed configuration, you install the Firebox with different logical networks and network addresses on each of its interfaces. The public servers behind the Firebox use private IP addresses. The Firebox uses network address translation (NAT) to route traffic from the external network to the public servers. The requirements for a routed configuration are: All interfaces of the Firebox must be on different logical networks. The minimum configuration includes the external and trusted interfaces. You can also configure one or more optional interfaces. All computers behind the trusted and optional interfaces must have an IP address from that network. For example, a computer on a trusted interface in the previous figure could have an IP address of but not , which is on the optional interface. Drop-in configuration With a drop-in configuration, the Firebox uses the same network for all of its interfaces. You must configure all of the interfaces. When you install the Firebox between the router and the LAN, it is not necessary to change the configuration of the local computers. The public servers behind the Firebox continue to use public IP addresses. The Firebox does not use network address translation to route traffic from the external to your public servers. The properties of a drop-in configuration are: 10 WatchGuard System Manager

17 Installation Topics You use one logical network for all three interfaces. The Firebox uses proxy ARP. The trusted interface ARP address replaces the ARP address of the router. It then resolves the ARP data for those devices behind the Firebox that cannot receive the transmitted data. During installation, it is not necessary to change the TCP/IP properties of computers on the trusted and optional interfaces. The router cannot receive the transmitted ARP data from the trusted host, but the Firebox continues to control ARP data for the router. Usually, the Firebox is the default gateway as an alternative to the router. You must flush the ARP cache of each computer on the trusted network. A large part of a LAN is on the trusted interface because there is a secondary network for the LAN. With a drop-in configuration you do not have to change the configuration of each computer on the trusted network that has a public IP address. But, a drop-in configuration is not easy to manage. It can also be more difficult to troubleshoot problems. Adding secondary networks to your configuration A secondary network is a different network that connects to a Firebox interface with a switch or hub. When you add a secondary network, you map an IP address from the secondary network to the IP address of the Firebox interface. Thus, you make (or add) an IP alias to the network interface. This IP alias is the default gateway for all the computers on the secondary network. The secondary network also tells the Firebox that there is one more network on the Firebox interface. To add a secondary networks, do one of these procedures: Use the Quick Setup Wizard during installation Enter an IP address for the secondary network in the Quick Setup Wizard, as described in Using the Quick Setup Wizard on page 6. This is the default gateway for your secondary private network. Add the secondary network after the Firebox installation is complete Use Policy Manager to add secondary networks to an interface. For information on how to use Policy Manager, see the Configuration Guide. Dynamic IP support on the external interface If you use dynamic IP addressing, you must select routed configuration. User Guide 11

18 Installation Topics If you select the Dynamic Host Configuration Protocol (DHCP), the Firebox tells a DHCP server controlled by your Internet Service Provider (ISP) to give the Firebox its IP address, gateway, and netmask. This server can also give WINS and DNS server information for your Firebox. If it does not give you that information, you must add it manually to your configuration. If necessary, you can change the WINS and DNS values that your ISP gives you. Point-to-Point Protocol over Ethernet (PPPoE) is also available. As with DHCP, the Firebox makes a PPPoE protocol connection to the PPPoE server of your ISP. This connection automatically configures your IP address, gateway, and netmask. But, PPPoE does not supply you with DNS and WINS server information as DHCP does. If you use PPPoE on the external interface, you must have the PPP user name and password when you configure your network. The user name and password each have a 256-byte capacity. When you configure the Firebox to receive dynamic IP addresses, the Firebox cannot use these functions (for which a static IP address is necessary): High Availability (not available on Firebox 500) Drop-in mode (if you are using WFS appliance software) 1-to-1 NAT MUVPN RUVPN with PPTP Note If your ISP uses a DHCP or PPPoE connection to give out static IP address, the Firebox will allow you to enable MUVPN and RUVPN with PPTP because the IP address is static. External aliases and 1-to-1 NAT are not available when the Firebox is a PPPoE client. Entering IP addresses When you enter IP addresses in the Quick Setup Wizard or WSM dialog boxes, type the digits and periods in the correct sequence. Do not use the TAB key, arrow key, spacebar, or mouse to put your cursor after the periods. For example, if you type the IP address , do not type a space after you type 16. Do not try to put your cursor after the subsequent period to type 1. Type a period directly after 16, and then type Push the slash (/) key to move to the netmask. About slash notation Use slash notation to enter the netmask. In slash notation, one number shows how many bits of the IP address identify the network that the host is on. A netmask of has a slash equivalent of 8+8+8=24. For example, an IP address /24 is equivalent to an IP address of with a netmask of This table shows the network masks and their slash equivalents: Network mask Slash equivalent / / / / /26 12 WatchGuard System Manager

19 Installation Topics / / / /30 Installing the Firebox cables Connect the power cable to the Firebox power input and to a power source. The Quick Setup Wizard recommends that you use a straight ethernet cable (green) to connect your management station to a hub or switch. Use another straight ethernet cable (green) to connect your Firebox to the same hub or switch. Then, use the instructions in the Quick Setup Wizard to connect to the Firebox. You can also use a red crossover cable to connect the Firebox trusted interface to the management station Ethernet port. User Guide 13

20 Installation Topics 14 WatchGuard System Manager

21 CHAPTER 2 Service and Support No Internet security solution is complete without regular updates and security information. New threats appear each day from the newest hacker to the newest bug in an operating system and each can cause damage to your network systems. The LiveSecurity Service sends security solutions directly to you to keep your security system in the best condition. Training and technical support are available on the WatchGuard Web site to help you learn more about network security and your WatchGuard products. LiveSecurity Service Solutions The number of new security problems and the volume of information about network security continues to increase. We know that a firewall is only the first component in a full security solution. The Watch- Guard Rapid Response Team is a dedicated group of network security personnel who can help you to control this problem of too much information. They monitor the Internet security Web sites for you, to identify new security problems as they start. Threat responses, alerts, and expert advice After a new threat is identified, the WatchGuard Rapid Response Team sends you an to tell you about the problem. Each message gives full information about the type of security problem and the procedure you must use to make sure that your network is safe from attack. Easy software updates LiveSecurity Service saves you time because you receive an when we release a new version of the WatchGuard System Manager software. Installation wizards, release notes, and a link to the software update make for a fast and easy installation. These continued updates make sure that you do not have to use your time to find new software. Access to technical support and training You can find information about your WatchGuard products quickly with our many online resources. You can also speak directly to one of the WatchGuard technical support personnel. Use our online training to learn more about the WatchGuard System Manager software, Firebox, and network security. User Guide 15

22 LiveSecurity Service Broadcasts LiveSecurity Service Broadcasts The WatchGuard Rapid Response Team regularly sends messages and software information directly to your computer desktop by . We divide the messages into categories to help you to identify and make use of incoming information immediately. Information Alert Information Alerts give you a fast view of the newest information and threats to Internet security. The WatchGuard Rapid Response Team frequently recommends that you make a security policy change to protect against the new threat. When necessary, the Information Alert includes instructions on the procedure. Threat Response If a new security threat makes it necessary, the WatchGuard Rapid Response Team transmits a software update for your Firebox. The Threat Response includes information about the security threat and instructions on how to download a software update and install it on your Firebox and management station. Software Update When necessary, WatchGuard updates the WatchGuard System Manager software. Product upgrades can include new features and patches. When we release a software update, you get an with instructions on how to download and install your upgrade. Editorial Each week, top network security personnel come together with the WatchGuard Rapid Response Team to write about network security. This continuous supply of information can help you to keep your network safe and secure. Foundations The WatchGuard Rapid Response Team also writes information specially for security administrators, employees, and other personnel that are new to this technology. Loopback At the end of each month LiveSecurity Service sends you an with a summary of the information sent that month. Support Flash These short training messages can help you to operate WatchGuard System Manager. They are an added resource to the other online resources: - Online Help - FAQs - Known Issues pages on the Technical Support Web site Virus Alert WatchGuard has come together with antivirus vendor McAfee to give you the most current information about computer viruses. Each week, we send you a message with a summary of the virus traffic on the Internet. When a hacker releases a dangerous virus on the Internet, we send a special virus alert to help you protect your network. 16 WatchGuard System Manager

23 LiveSecurity Service Self Help Tools New from WatchGuard When WatchGuard releases a new product, we first tell you our customers. You can learn more about new features and services, product upgrades, hardware releases, and customer promotions. Activating the LiveSecurity Service You can activate the LiveSecurity Service through the Quick Setup Wizard on the CD-ROM. Or, you can activate it through the activation section of the LiveSecurity Web pages. There is information about the Quick Setup Wizard in the QuickStart Guide and in the Getting Started chapter of this book. Note To activate the LiveSecurity Service, you must enable JavaScript on your browser. To activate the LiveSecurity Service through the Web: 1 Make sure that you have the LiveSecurity license key and the Firebox serial number. These are necessary during the LiveSecurity activation procedure. - You can find the Firebox serial number in two locations. First, on a small silver label on the outer side of the Firebox package. Second, on a label on the rear side of the Firebox, below the Universal Product Code (UPC) symbol. - The license key number is on the WatchGuard LiveSecurity License Key certificate. Make sure that you type it the same as it is shown on the key. Include the hyphens. 2 Using your Web browser, go to: The Account page appears. 3 Complete the LiveSecurity Activation page. Use the TAB key or the mouse to move through the fields on the page. You must complete all the fields to activate correctly. This information helps WatchGuard to send you the information and software updates that are applicable to your products. 4 Make sure that your address is correct. After you complete the procedure, you get an e- mail message that tells you that you activated the LiveSecurity Service satisfactorily. All your LiveSecurity will come to this address. 5 Click Register. LiveSecurity Service Self Help Tools Online Self Help Tools enable you to get the best performance from your WatchGuard products. Note You must activate the LiveSecurity Service before you can access online resources. Basic FAQs The Basic FAQs (frequently asked questions) give general information about the Firebox and the WatchGuard System Manager software. They are written for the customer who is new to network security and to WatchGuard products. User Guide 17

24 LiveSecurity Service Self Help Tools Advanced FAQs The Advanced FAQs (frequently asked questions) give you important information about configuration options and operation of systems or products. They add to the information you can find in this User Guide and in the Online Help system. Known Issues We know that software products can have bugs. We keep a list of Known Issues to help you find and to configure around these problems in our products until a software update repairs them. Interactive Support Forum The WatchGuard Technical Support team operates a Web site where our customers can send messages about WatchGuard products. Technical Support monitors this Web site and writes messages when it is necessary to answer customer problems. Online Training Browse to the online training section to learn more about network security and WatchGuard products. You can read training materials and get a certification in our products. The training includes links to a wide range of documents and Web sites about network security. The training is divided into parts which lets you use only the materials you feel necessary. To learn more about online training, browse to: Learn About This is a list of all resources available for a specified product or feature. It is a site map for the feature. Online Help There is a copy of the online help system for all WatchGuard products on our Technical Support Web site. You install a copy of the online help when you install WatchGuard System Manager software. The version of online help on our Web site is the most current and includes corrections of errors we find. Product Documentation We keep a copy of each user guide we release to customers on our Web site. This includes user guides for versions of software which we do not continue to give technical support. The user guides are in PDF format. General Firebox X Edge and Firebox SOHO Resources This section of our Web site shows basic information and links for Firebox X Edge and Firebox SOHO customers. It can help you to install and use the Firebox X Edge and SOHO 6 hardware. To get access to the LiveSecurity Service Self Help Tools: 1 Start your Web browser. In the address bar, type: 2 Click Support. 3 Log in to the LiveSecurity Service. 4 In the Self Help Tools section, click your selection. 18 WatchGuard System Manager

25 WatchGuard Users Forum WatchGuard Users Forum The WatchGuard Users Forum is an online group. It lets the users of WatchGuard products interchange ideas, questions, and information about the product, for example: Configuration Connecting WatchGuard products and those of other companies Network policies This forum has different categories that you can use to look for information. The WatchGuard Technical Support team controls the forum during regular work hours. Do not use the forum to tell the WatchGuard Technical Support team about problems you have with your Firebox. You must use the Web interface or the telephone to tell WatchGuard Technical Support directly. Using the WatchGuard Users Forum To use the WatchGuard Users Forum you must first create an account: 1 Browse to: Click Support. Log in to the LiveSecurity Service. 2 Below Self Help Tools, click Interactive Support Forum. 3 Click Create a User Forum account. 4 Type your information in the page. Click Create. You must select a user name and password. They must be different from the user name and password for your LiveSecurity Service. WatchGuard Users Group The WatchGuard Users Group is an discussion list. It lets the users of WatchGuard products send and receive messages from other users. Because WatchGuard does not control the group, you cannot use the group to tell the WatchGuard Technical Support team about problems you have with your Firebox. You must use the Web interface or the telephone to tell WatchGuard Technical Support directly. To learn more about the WatchGuard Users Group, browse to: lists.watchguard.com/mailman/listinfo/wg-users Online Help WatchGuard Online Help is a Web system that can operate on most computer operating systems. We release each version of our software products with a full online help system. You can find these online help systems at: A static version of the online help system is installed automatically with the WatchGuard System Manager software. You can find it in a subdirectory of the installation folder with the name Help. The live version of the online help on the Web site includes corrections to all errors found since we released the software. Starting WatchGuard Online Help There are two methods to start the online help system: From the WatchGuard System Manager software, press F1. Your browser opens and an Online Help page appears. The page has information about the feature you are using. User Guide 19

26 Product Documentation Use Windows Explorer or the Run command to open the WatchGuard installation folder. Open the Help folder. Double-click WFSHelp.htm. Your browser opens and the Online Help home page appears. The default folder is: C:\Program Files\WatchGuard\Help Searching for information There are three methods to search for information in the WatchGuard Online Help system: Contents The Contents tab shows a list of categories in the help system. Double-click a book to expand a category. Click a page title to look at the contents of that category. Index The index shows a list of the words that are in the help system. Type the word, and the list automatically goes to those words that start with the typed letters. Click a page title to look at the contents. Search The Search feature is a full text search of the help system. Type a word and press ENTER. A list shows the categories that contain the word. The Search feature does not operate with AND, OR, or NOT operators. Copy the online help system to more computers You can copy WatchGuard Online Help from the management station to a second computer. When you do this, copy the full online help folder from the WatchGuard installation directory on the management station. You must include all subdirectories. Software requirements Internet Explorer 4.0 or a subsequent version Netscape Navigator 4.7 or a subsequent version Operating system Windows NT 4.0, Windows 2000, or Windows XP Sun Solaris Linux Product Documentation We copy all the user guides we release to our Web site at: Technical Support Your LiveSecurity Service subscription includes technical support for the WatchGuard System Manager software and Firebox hardware. To learn more about WatchGuard Technical Support, browse to the WatchGuard Web site at: 20 WatchGuard System Manager

27 Technical Support Note You must activate the LiveSecurity Service before you can get technical support. LiveSecurity Service Technical Support All new Firebox products include the WatchGuard LiveSecurity Technical Support Service. You can speak with the WatchGuard Technical Support team when you have a problem with the installation, management, or configuration of your Firebox. Hours WatchGuard LiveSecurity Technical Support operates from 6:00 AM to 6:00 PM in your local time zone, Monday through Friday. Telephone Number in United States and Canada in all other countries Web Site Service Time We try to supply a solution in a maximum time of four hours. Type of Service There is technical support available for special problems with the installation and continued maintenance of the Firebox and SOHO systems. Single Incident Priority Response Upgrade (SIPRU) and Single Incident After Hours Upgrade (SIAU) are also available. For more data about these upgrades, refer to the WatchGuard Web site at: LiveSecurity Gold WatchGuard Gold LiveSecurity Technical Support adds to your standard LiveSecurity Service. We recommend that you buy this upgrade if your company uses the Internet or VPN tunnels for most of your work. With WatchGuard Gold LiveSecurity Technical Support you get: Live technical support 24 hours a day, seven days a week. The Priority Technical Support Team operates our support center continuously from 7 PM Sunday to 7 PM Friday (Pacific Time). We try to supply a solution to your problem in a maximum time of one hour. If a technician is not immediately available to help you, an administrator records your problem. The administrator gives you an incident number. The Priority Technical Support team will speak to you when they become available. Firebox Installation Service WatchGuard Remote Firebox Installation Service helps you to install and configure your Firebox. You can schedule a two-hour time with one of our WatchGuard Technical Support team. During this time, the technician helps you to: Do an analysis of your network and security policy Install the WatchGuard System Manager software and Firebox hardware Align your configuration with your company security policy This service does not include VPN installation. User Guide 21

Firebox X550e, Firebox X750e, Firebox X1250e Firebox X5500e, Firebox X6500e, Firebox X8500e, Firebox X8500e-F

Firebox X550e, Firebox X750e, Firebox X1250e Firebox X5500e, Firebox X6500e, Firebox X8500e, Firebox X8500e-F Firebox X550e, Firebox X750e, Firebox X1250e Firebox X5500e, Firebox X6500e, Firebox X8500e, Firebox X8500e-F Getting Started The Firebox X Core and Peak e-series is a line of high performance, real-time

More information

Fireware How To Logging and Notification

Fireware How To Logging and Notification Fireware How To Logging and Notification How do I set up a Log Server? Introduction The Log Server collects logs from a WatchGuard Firebox. The log message format is XML (plain text). The information collected

More information

Fireware How To Network Configuration

Fireware How To Network Configuration Fireware How To Network Configuration How do I configure the external interface of my Firebox? Introduction Most users configure the Firebox interfaces when they use the Quick Setup Wizard to create a

More information

Configuration Example

Configuration Example Configuration Example Set Up a Public Web Server Behind a Firebox Example configuration files created with WSM v11.10.1 Revised 7/21/2015 Use Case In this configuration example, an organization wants to

More information

How do I set up a branch office VPN tunnel with the Management Server?

How do I set up a branch office VPN tunnel with the Management Server? Fireware How To VPN How do I set up a branch office VPN tunnel with the Management Server? Introduction Using the WatchGuard Management Server, you can make fully authenticated and encrypted IPSec tunnels

More information

SOHO 6 Wireless Installation Procedure Windows 95/98/ME with Internet Explorer 5.x & 6.0

SOHO 6 Wireless Installation Procedure Windows 95/98/ME with Internet Explorer 5.x & 6.0 SOHO 6 Wireless Installation Procedure Windows 95/98/ME with Internet Explorer 5.x & 6.0 Before You Begin Before you install the SOHO 6 Wireless, you must have: A computer with a 10/100BaseT Ethernet card

More information

Configuration Example

Configuration Example Configuration Example Use a Branch Office VPN for Failover From a Private Network Link Example configuration files created with WSM v11.10.1 Revised 7/22/2015 Use Case In this configuration example, an

More information

Configuration Example

Configuration Example Configuration Example Use WatchGuard Application Control with Your Existing Firewall Example configuration files created with WSM v11.10.1 Revised 7/21/2015 Use Case An organization wants to block the

More information

WatchGuard Mobile User VPN Guide

WatchGuard Mobile User VPN Guide WatchGuard Mobile User VPN Guide Mobile User VPN establishes a secure connection between an unsecured remote host and a protected network over an unsecured network using Internet Protocol Security (IPSec).

More information

Fireware Essentials Exam Study Guide

Fireware Essentials Exam Study Guide Fireware Essentials Exam Study Guide The Fireware Essentials exam tests your knowledge of how to configure, manage, and monitor a WatchGuard Firebox that runs Fireware OS. This exam is appropriate for

More information

Configuration Example

Configuration Example Configuration Example Use Public IP Addresses Behind an XTM Device Example configuration files created with WSM v11.7.2 Revised 3/22/2013 Use Case There are several reasons to use publicly routable IP

More information

WATCHGUARD FIREBOX SOHO 6TC AND SOHO 6

WATCHGUARD FIREBOX SOHO 6TC AND SOHO 6 WATCHGUARD FIREBOX SOHO 6TC AND SOHO 6 FIREWALL AND VPN APPLIANCES FOR SMALL BUSINESSES AND BRANCH OFFICES Today, complete Internet security goes beyond a firewall. Firebox SOHO 6tc and SOHO 6 are dedicated

More information

OfficeConnect Internet Firewall 25 Internet Firewall DMZ. QuickStart Guide (3C16770, 3C16771)

OfficeConnect Internet Firewall 25 Internet Firewall DMZ. QuickStart Guide (3C16770, 3C16771) OfficeConnect Internet Firewall 25 Internet Firewall DMZ QuickStart Guide (3C16770, 3C16771) Checking Package Contents Getting Started Thank you for purchasing the OfficeConnect Internet Firewall. The

More information

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Firewall VPN Router. Quick Installation Guide M73-APO09-380 Firewall VPN Router Quick Installation Guide M73-APO09-380 Firewall VPN Router Overview The Firewall VPN Router provides three 10/100Mbit Ethernet network interface ports which are the Internal/LAN, External/WAN,

More information

MN-700 Base Station Configuration Guide

MN-700 Base Station Configuration Guide MN-700 Base Station Configuration Guide Contents pen the Base Station Management Tool...3 Log ff the Base Station Management Tool...3 Navigate the Base Station Management Tool...4 Current Base Station

More information

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream User Manual Onsight Management Suite Version 5.1 Another Innovation by Librestream Doc #: 400075-06 May 2012 Information in this document is subject to change without notice. Reproduction in any manner

More information

WatchGuard Firebox X Edge e-series User Guide

WatchGuard Firebox X Edge e-series User Guide WatchGuard Firebox X Edge e-series User Guide Firebox X Edge e-series - Firmware Version 8.6 All Firebox X Edge e-series Standard and Wireless Models Notice to Users Information in this guide is subject

More information

Installation Guide. Wyse S Class Conversion to ThinOS. Wyse Simple Imager TM Release 2.0.2. Issue: 092611 PN: 883887-04L Rev. C

Installation Guide. Wyse S Class Conversion to ThinOS. Wyse Simple Imager TM Release 2.0.2. Issue: 092611 PN: 883887-04L Rev. C Installation Guide Wyse S Class Conversion to ThinOS Wyse Simple Imager TM Release 2.0.2 Issue: 092611 PN: 883887-04L Rev. C Copyright Notices 2011, Wyse Technology Inc. All rights reserved. This manual

More information

Fireware XTM Traffic Management

Fireware XTM Traffic Management WatchGuard Certified Training Fireware XTM Traffic Management Fireware XTM and WatchGuard System Manager v11.4 Disclaimer Information in this guide is subject to change without notice. Companies, names,

More information

Configuring an IPSec Tunnel between a Firebox & a Check Point FireWall-1

Configuring an IPSec Tunnel between a Firebox & a Check Point FireWall-1 Configuring an IPSec Tunnel between a Firebox & a Check Point FireWall-1 This document describes how to configure an IPSec tunnel with a WatchGuard Firebox II or Firebox III (software version 4.5 or later)

More information

Multi-Homing Dual WAN Firewall Router

Multi-Homing Dual WAN Firewall Router Multi-Homing Dual WAN Firewall Router Quick Installation Guide M73-APO09-400 Multi-Homing Dual WAN Firewall Router Overview The Multi-Homing Dual WAN Firewall Router provides three 10/100Mbit Ethernet

More information

GlobalSCAPE DMZ Gateway, v1. User Guide

GlobalSCAPE DMZ Gateway, v1. User Guide GlobalSCAPE DMZ Gateway, v1 User Guide GlobalSCAPE, Inc. (GSB) Address: 4500 Lockhill-Selma Road, Suite 150 San Antonio, TX (USA) 78249 Sales: (210) 308-8267 Sales (Toll Free): (800) 290-5054 Technical

More information

WhatsUp Gold v16.3 Installation and Configuration Guide

WhatsUp Gold v16.3 Installation and Configuration Guide WhatsUp Gold v16.3 Installation and Configuration Guide Contents Installing and Configuring WhatsUp Gold using WhatsUp Setup Installation Overview... 1 Overview... 1 Security considerations... 2 Standard

More information

IREBOX X. Firebox X Family of Security Products. Comprehensive Unified Threat Management Solutions That Scale With Your Business

IREBOX X. Firebox X Family of Security Products. Comprehensive Unified Threat Management Solutions That Scale With Your Business IREBOX X IREBOX X Firebox X Family of Security Products Comprehensive Unified Threat Management Solutions That Scale With Your Business Family of Security Products Comprehensive unified threat management

More information

Multi-Homing Security Gateway

Multi-Homing Security Gateway Multi-Homing Security Gateway MH-5000 Quick Installation Guide 1 Before You Begin It s best to use a computer with an Ethernet adapter for configuring the MH-5000. The default IP address for the MH-5000

More information

Barracuda Link Balancer

Barracuda Link Balancer Barracuda Networks Technical Documentation Barracuda Link Balancer Administrator s Guide Version 2.2 RECLAIM YOUR NETWORK Copyright Notice Copyright 2004-2011, Barracuda Networks www.barracuda.com v2.2-110503-01-0503

More information

Barracuda Link Balancer Administrator s Guide

Barracuda Link Balancer Administrator s Guide Barracuda Link Balancer Administrator s Guide Version 1.0 Barracuda Networks Inc. 3175 S. Winchester Blvd. Campbell, CA 95008 http://www.barracuda.com Copyright Notice Copyright 2008, Barracuda Networks

More information

WatchGuard Technologies, Inc. 505 Fifth Avenue South Suite 500, Seattle, WA 98104 www.watchguard.com

WatchGuard Technologies, Inc. 505 Fifth Avenue South Suite 500, Seattle, WA 98104 www.watchguard.com SMALL BUSINESS NETWORK SECURITY GUIDE WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION AUGUST 2004 SMALL BUSINESS NETWORK SECURITY GUIDE: WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION

More information

Prestige 202H Plus. Quick Start Guide. ISDN Internet Access Router. Version 3.40 12/2004

Prestige 202H Plus. Quick Start Guide. ISDN Internet Access Router. Version 3.40 12/2004 Prestige 202H Plus ISDN Internet Access Router Quick Start Guide Version 3.40 12/2004 Table of Contents 1 Introducing the Prestige...3 2 Hardware Installation...4 2.1 Rear Panel...4 2.2 The Front Panel

More information

SSL-VPN 200 Getting Started Guide

SSL-VPN 200 Getting Started Guide Secure Remote Access Solutions APPLIANCES SonicWALL SSL-VPN Series SSL-VPN 200 Getting Started Guide SonicWALL SSL-VPN 200 Appliance Getting Started Guide Thank you for your purchase of the SonicWALL SSL-VPN

More information

3.1 RS-232/422/485 Pinout:PORT1-4(RJ-45) RJ-45 RS-232 RS-422 RS-485 PIN1 TXD PIN2 RXD PIN3 GND PIN4 PIN5 T+ 485+ PIN6 T- 485- PIN7 R+ PIN8 R-

3.1 RS-232/422/485 Pinout:PORT1-4(RJ-45) RJ-45 RS-232 RS-422 RS-485 PIN1 TXD PIN2 RXD PIN3 GND PIN4 PIN5 T+ 485+ PIN6 T- 485- PIN7 R+ PIN8 R- MODEL ATC-2004 TCP/IP TO RS-232/422/485 CONVERTER User s Manual 1.1 Introduction The ATC-2004 is a 4 Port RS232/RS485 to TCP/IP converter integrated with a robust system and network management features

More information

Broadband Phone Gateway BPG510 Technical Users Guide

Broadband Phone Gateway BPG510 Technical Users Guide Broadband Phone Gateway BPG510 Technical Users Guide (Firmware version 0.14.1 and later) Revision 1.0 2006, 8x8 Inc. Table of Contents About your Broadband Phone Gateway (BPG510)... 4 Opening the BPG510's

More information

Installation Guide. Wyse VX0LE Conversion to ThinOS. Wyse Simple Imager TM Release 2.0.2 Wyse Device Manager TM Release 4.8.5

Installation Guide. Wyse VX0LE Conversion to ThinOS. Wyse Simple Imager TM Release 2.0.2 Wyse Device Manager TM Release 4.8.5 Installation Guide Wyse VX0LE Conversion to ThinOS Wyse Simple Imager TM Release 2.0.2 Wyse Device Manager TM Release 4.8.5 Issue: 070111 PN: 883887-05L Rev. B Copyright Notices 2011, Wyse Technology Inc.

More information

WATCHGUARD FIREBOX VCLASS

WATCHGUARD FIREBOX VCLASS FIREBOX VCLASS WATCHGUARD FIREBOX VCLASS ENTERPRISE-LEVEL SECURITY The Firebox Vclass brings high-speed network security to enterprise-class businesses, remote offices, service providers, and data centers.

More information

Step-by-Step Configuration

Step-by-Step Configuration Step-by-Step Configuration Kerio Technologies Kerio Technologies. All Rights Reserved. Printing Date: August 15, 2007 This guide provides detailed description on configuration of the local network which

More information

LevelOne. User Manual. FBR-1430 VPN Broadband Router, 1W 4L V1.0

LevelOne. User Manual. FBR-1430 VPN Broadband Router, 1W 4L V1.0 LevelOne FBR-1430 VPN Broadband Router, 1W 4L User Manual V1.0 Table of Contents CHAPTER 1 INTRODUCTION... 1 VPN BROADBAND ROUTER FEATURES... 1 Internet Access Features... 1 Advanced Internet Functions...

More information

BROADBAND FIREWALL ROUTER WITH 1-USB + 1-PARALLEL PRINT SERVER PORT

BROADBAND FIREWALL ROUTER WITH 1-USB + 1-PARALLEL PRINT SERVER PORT BROADBAND FIREWALL ROUTER WITH 1-USB + 1-PARALLEL PRINT SERVER PORT USER S MANUAL V1.0 Trademarks Windows 95/98/Me and Windows NT/2000/XP are registered trademarks of Microsoft Corporation. All other brands

More information

Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010

Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010 Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010 This document describes the different types of Unisphere management stations and tells how to install

More information

Step-by-Step Guide for Creating and Testing Connection Manager Profiles in a Test Lab

Step-by-Step Guide for Creating and Testing Connection Manager Profiles in a Test Lab Step-by-Step Guide for Creating and Testing Connection Manager Profiles in a Test Lab Microsoft Corporation Published: May, 2005 Author: Microsoft Corporation Abstract This guide describes how to create

More information

Broadband Router ESG-103. User s Guide

Broadband Router ESG-103. User s Guide Broadband Router ESG-103 User s Guide FCC Warning This equipment has been tested and found to comply with the limits for Class A & Class B digital device, pursuant to Part 15 of the FCC rules. These limits

More information

McAfee.com Personal Firewall

McAfee.com Personal Firewall McAfee.com Personal Firewall 1 Table of Contents Table of Contents...2 Installing Personal Firewall...3 Configuring Personal Firewall and Completing the Installation...3 Configuring Personal Firewall...

More information

TW100-BRF114 Firewall Router. User's Guide. Cable/DSL Internet Access. 4-Port Switching Hub

TW100-BRF114 Firewall Router. User's Guide. Cable/DSL Internet Access. 4-Port Switching Hub TW100-BRF114 Firewall Router Cable/DSL Internet Access 4-Port Switching Hub User's Guide Table of Contents CHAPTER 1 INTRODUCTION...1 TW100-BRF114 Features...1 Package Contents...3 Physical Details...

More information

Configuring a Check Point FireWall-1 to SOHO IPSec Tunnel

Configuring a Check Point FireWall-1 to SOHO IPSec Tunnel Configuring a Check Point FireWall-1 to SOHO IPSec Tunnel This document describes the procedures required to configure an IPSec VPN tunnel between a WatchGuard SOHO or SOHO tc and a Check Point FireWall-1.

More information

WatchGuard Firebox SSL VPN Gateway Administration Guide. Firebox SSL VPN Gateway

WatchGuard Firebox SSL VPN Gateway Administration Guide. Firebox SSL VPN Gateway WatchGuard Firebox SSL VPN Gateway Administration Guide Firebox SSL VPN Gateway Notice to Users Information in this guide is subject to change without notice. Companies, names, and data used in examples

More information

TW100-BRV204 VPN Firewall Router

TW100-BRV204 VPN Firewall Router TW100-BRV204 VPN Firewall Router Cable/DSL Internet Access 4-Port Switching Hub User's Guide Table of Contents CHAPTER 1 INTRODUCTION... 1 TW100-BRV204 Features... 1 Package Contents... 3 Physical Details...

More information

WatchGuard Firebox X Edge e-series User Guide

WatchGuard Firebox X Edge e-series User Guide WatchGuard Firebox X Edge e-series User Guide Firebox X Edge e-series - Firmware Version 8.0 All Firebox X Edge e-series Standard and Wireless Models User Guide i Notice to Users Information in this guide

More information

Broadband Router ALL1294B

Broadband Router ALL1294B Broadband Router ALL1294B Broadband Internet Access 4-Port Switching Hub User's Guide Table of Contents CHAPTER 1 INTRODUCTION... 1 Broadband Router Features... 1 Package Contents... 3 Physical Details...

More information

Networking Best Practices Guide. Version 6.5

Networking Best Practices Guide. Version 6.5 Networking Best Practices Guide Version 6.5 Summer 2010 Copyright: 2010, CCH, a Wolters Kluwer business. All rights reserved. Material in this publication may not be reproduced or transmitted in any form

More information

1 You will need the following items to get started:

1 You will need the following items to get started: QUICKSTART GUIDE 1 Getting Started You will need the following items to get started: A desktop or laptop computer Two ethernet cables (one ethernet cable is shipped with the _ Blocker, and you must provide

More information

UIP1868P User Interface Guide

UIP1868P User Interface Guide UIP1868P User Interface Guide (Firmware version 0.13.4 and later) V1.1 Monday, July 8, 2005 Table of Contents Opening the UIP1868P's Configuration Utility... 3 Connecting to Your Broadband Modem... 4 Setting

More information

Configuration Example

Configuration Example Configuration Example Use NAT for Public Access to Servers with Private IP Addresses on the Private Network Example configuration files created with WSM v11.7.2 Revised 5/10/2013 Use Case In this use case,

More information

User s Manual TCP/IP TO RS-232/422/485 CONVERTER. 1.1 Introduction. 1.2 Main features. Dynamic DNS

User s Manual TCP/IP TO RS-232/422/485 CONVERTER. 1.1 Introduction. 1.2 Main features. Dynamic DNS MODEL ATC-2000 TCP/IP TO RS-232/422/485 CONVERTER User s Manual 1.1 Introduction The ATC-2000 is a RS232/RS485 to TCP/IP converter integrated with a robust system and network management features designed

More information

How To Manage Outgoing Traffic On Fireware Xtm

How To Manage Outgoing Traffic On Fireware Xtm Fireware XTM Training Instructor Guide Fireware XTM Multi-WAN Methods Exploring Multi-WAN Through Hands-On Training This training is for: Devices WatchGuard XTM 2 Series /WatchGuard XTM 5 Series / WatchGuard

More information

Fireware How To VPN. Introduction. Is there anything I need to know before I start? Configuring a BOVPN Gateway

Fireware How To VPN. Introduction. Is there anything I need to know before I start? Configuring a BOVPN Gateway Fireware How To VPN How do I set up a manual branch office VPN tunnel? Introduction You use Branch Office VPN (BOVPN) with manual IPSec to make encrypted tunnels between a Firebox and a second IPSec-compliant

More information

Configuring a WatchGuard SOHO to SOHO IPSec Tunnel

Configuring a WatchGuard SOHO to SOHO IPSec Tunnel Configuring a WatchGuard to IPSec Tunnel This document describes the procedures required to configure an IPSec tunnel between two WatchGuard Firebox s (version 2.3.x). The following WatchGuard products

More information

Sophos UTM. Remote Access via PPTP. Configuring UTM and Client

Sophos UTM. Remote Access via PPTP. Configuring UTM and Client Sophos UTM Remote Access via PPTP Configuring UTM and Client Product version: 9.000 Document date: Friday, January 11, 2013 The specifications and information in this document are subject to change without

More information

DOWNTIME CAN SPELL DISASTER

DOWNTIME CAN SPELL DISASTER DOWNTIME CAN SPELL DISASTER Technical Brief Ensure Network Uptime: High Availability with XTM FireCluster August 2010 Network downtime is expensive for businesses in today s 24/7 global economy. Any malfunctions

More information

Chapter 7 Troubleshooting

Chapter 7 Troubleshooting Chapter 7 Troubleshooting This chapter provides troubleshooting tips and information for your ProSafe VPN Firewall 200. After each problem description, instructions are provided to help you diagnose and

More information

Configuration Example

Configuration Example Configuration Example Centralized Branch Office VPN Architecture (Hub & Spoke) Example configuration files created with WSM v11.10.1 Revised 7/24/2015 Use Case In this configuration example, an organization

More information

ZyWALL 5. Internet Security Appliance. Quick Start Guide Version 3.62 (XD.0) May 2004

ZyWALL 5. Internet Security Appliance. Quick Start Guide Version 3.62 (XD.0) May 2004 ZyWALL 5 Internet Security Appliance Quick Start Guide Version 3.62 (XD.0) May 2004 Introducing the ZyWALL The ZyWALL 5 is the ideal secure gateway for all data passing between the Internet and the LAN.

More information

Vantage RADIUS 50. Quick Start Guide Version 1.0 3/2005

Vantage RADIUS 50. Quick Start Guide Version 1.0 3/2005 Vantage RADIUS 50 Quick Start Guide Version 1.0 3/2005 1 Introducing Vantage RADIUS 50 The Vantage RADIUS (Remote Authentication Dial-In User Service) 50 (referred to in this guide as Vantage RADIUS)

More information

your Gateway Windows network installationguide 802.11b wireless series Router model WBR-100 Configuring Installing

your Gateway Windows network installationguide 802.11b wireless series Router model WBR-100 Configuring Installing your Gateway Windows network installationguide 802.11b wireless series Router model WBR-100 Installing Configuring Contents 1 Introduction...................................................... 1 Features...........................................................

More information

VPN Configuration Guide WatchGuard Fireware XTM

VPN Configuration Guide WatchGuard Fireware XTM VPN Configuration Guide WatchGuard Fireware XTM Firebox X Edge Core e-series Firebox X Edge Core e-series Firebox X Edge Peak e-series XTM 8 Series XTM 10 Series 2010 equinux AG and equinux USA, Inc. All

More information

Wireless G Broadband quick install

Wireless G Broadband quick install Wireless G Broadband Router quick install guide Model 503693 INT-503693-QIG-0608-02 Thank you for purchasing the INTELLINET NETWORK SOLUTIONS Wireless G Broadband Router, Model 503693. This quick install

More information

nappliance misa Server 2006 Standard Edition Users Guide For use with misa Appliances 2006 nappliance Networks, Inc.

nappliance misa Server 2006 Standard Edition Users Guide For use with misa Appliances 2006 nappliance Networks, Inc. nappliance misa Server 2006 Standard Edition Users Guide For use with misa Appliances The information contained in this document represents the current view of Microsoft Corporation on the issues discussed

More information

Chapter 10 Troubleshooting

Chapter 10 Troubleshooting Chapter 10 Troubleshooting This chapter provides troubleshooting tips and information for your ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. After each problem description, instructions are provided

More information

Funkwerk UTM Release Notes (english)

Funkwerk UTM Release Notes (english) Funkwerk UTM Release Notes (english) General Hints Please create a backup of your UTM system's configuration (Maintenance > Configuration > Manual Backup) before you start to install the software update.

More information

Chapter 2 Preparing Your Network

Chapter 2 Preparing Your Network Chapter 2 Preparing Your Network This document describes how to prepare your network to connect to the Internet through a router and how to verify the readiness of your broadband Internet service from

More information

User's Manual. Intego VirusBarrier Server 2 / VirusBarrier Mail Gateway 2 User's Manual Page 1

User's Manual. Intego VirusBarrier Server 2 / VirusBarrier Mail Gateway 2 User's Manual Page 1 User's Manual Intego VirusBarrier Server 2 / VirusBarrier Mail Gateway 2 User's Manual Page 1 VirusBarrier Server 2 and VirusBarrier Mail Gateway 2 for Macintosh 2008 Intego. All Rights Reserved Intego

More information

Chapter 15: Advanced Networks

Chapter 15: Advanced Networks Chapter 15: Advanced Networks IT Essentials: PC Hardware and Software v4.0 1 Determine a Network Topology A site survey is a physical inspection of the building that will help determine a basic logical

More information

HP Device Manager 4.6

HP Device Manager 4.6 Technical white paper HP Device Manager 4.6 Installation and Update Guide Table of contents Overview... 3 HPDM Server preparation... 3 FTP server configuration... 3 Windows Firewall settings... 3 Firewall

More information

HP IMC Firewall Manager

HP IMC Firewall Manager HP IMC Firewall Manager Configuration Guide Part number: 5998-2267 Document version: 6PW102-20120420 Legal and notice information Copyright 2012 Hewlett-Packard Development Company, L.P. No part of this

More information

Chapter 1 Configuring Basic Connectivity

Chapter 1 Configuring Basic Connectivity Chapter 1 Configuring Basic Connectivity This chapter describes the settings for your Internet connection and your wireless local area network (LAN) connection. When you perform the initial configuration

More information

Multifunctional Broadband Router User Guide. Copyright Statement

Multifunctional Broadband Router User Guide. Copyright Statement Copyright Statement is the registered trademark of Shenzhen Tenda Technology Co., Ltd. Other trademark or trade name mentioned herein are the trademark or registered trademark of above company. Copyright

More information

Protecting the Home Network (Firewall)

Protecting the Home Network (Firewall) Protecting the Home Network (Firewall) Basic Tab Setup Tab DHCP Tab Advanced Tab Options Tab Port Forwarding Tab Port Triggers Tab DMZ Host Tab Firewall Tab Event Log Tab Status Tab Software Tab Connection

More information

Allworx Installation Course

Allworx Installation Course VPN Hello and welcome. In the VPN section we will cover the steps for enabling the VPN feature on the Allworx server and how to set up a VPN connection to the Allworx System from your PC. Page 1 VPN The

More information

VoIP CONFIGURATION GUIDE FOR MULTI-LOCATION NETWORKS

VoIP CONFIGURATION GUIDE FOR MULTI-LOCATION NETWORKS VoIP CONFIGURATION GUIDE FOR MULTI-LOCATION NETWORKS INTRODUCTION About this guide This guide is designed to help you plan and configure a TalkSwitch multi-location network for Voice over IP (VoIP). NOTE:

More information

Sophos for Microsoft SharePoint startup guide

Sophos for Microsoft SharePoint startup guide Sophos for Microsoft SharePoint startup guide Product version: 2.0 Document date: March 2011 Contents 1 About this guide...3 2 About Sophos for Microsoft SharePoint...3 3 System requirements...3 4 Planning

More information

Building Networks For People. DIR-100 Ethernet Broadband Router User Manual

Building Networks For People. DIR-100 Ethernet Broadband Router User Manual Building Networks For People DIR-100 Ethernet Broadband Router User Manual CONTENTS About This User s Guide... iii Before You Start... iii Installation Notes... iv Installation Information... v INTRODUCTION...1

More information

c. Securely insert the Ethernet cable from your cable or DSL modem into the Internet port (B) on the WGT634U. Broadband modem

c. Securely insert the Ethernet cable from your cable or DSL modem into the Internet port (B) on the WGT634U. Broadband modem Start Here Follow these instructions to set up your router. Verify That Basic Requirements Are Met Assure that the following requirements are met: You have your broadband Internet service settings handy.

More information

How do I configure multi-wan in Routing Table mode?

How do I configure multi-wan in Routing Table mode? How do I configure multi-wan in Routing Table mode? Fireware/Multi-WAN This document applies to: Appliance Firebox X Core / Firebox X Core e-series / Firebox X Peak / Firebox X Peak e-series Appliance

More information

BR-6624. Load Balancing Router. Manual

BR-6624. Load Balancing Router. Manual BR-6624 Load Balancing Router Manual TABLE OF CONTENTS 1: INTRODUCTION...1 Internet Features...1 Other Features...3 Package Contents...4 Physical Details...4 2: BASIC SETUP...8 Overview...8 Procedure...8

More information

Pre-lab and In-class Laboratory Exercise 10 (L10)

Pre-lab and In-class Laboratory Exercise 10 (L10) ECE/CS 4984: Wireless Networks and Mobile Systems Pre-lab and In-class Laboratory Exercise 10 (L10) Part I Objectives and Lab Materials Objective The objectives of this lab are to: Familiarize students

More information

Wireless Broadband Router. Manual

Wireless Broadband Router. Manual Wireless Broadband Router Manual 1 Introduction... 4 Features... 4 Minimum Requirements... 4 Package Content... 4 Note... 4 Get to know the Broadband Router... 5 Back Panel... 5 Front Panel... 6 Setup

More information

BR-6104K / BR-6104KP Fast Ethernet Broadband Router User s Manual

BR-6104K / BR-6104KP Fast Ethernet Broadband Router User s Manual BR-6104K / BR-6104KP Fast Ethernet Broadband Router User s Manual 1 Introduction... 4 Features... 4 Minimum Requirements... 4 Package Content... 4 Note... 4 Get to know the Broadband Router... 4 Back Panel...

More information

Chapter 9 Monitoring System Performance

Chapter 9 Monitoring System Performance Chapter 9 Monitoring System Performance This chapter describes the full set of system monitoring features of your ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. You can be alerted to important

More information

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your computer.

More information

System i and System p. Customer service, support, and troubleshooting

System i and System p. Customer service, support, and troubleshooting System i and System p Customer service, support, and troubleshooting System i and System p Customer service, support, and troubleshooting Note Before using this information and the product it supports,

More information

WatchGuard Training. Introduction to WatchGuard Dimension

WatchGuard Training. Introduction to WatchGuard Dimension WatchGuard Training Introduction to WatchGuard Dimension Introduction to WatchGuard Dimension What is WatchGuard Dimension? Deploy WatchGuard Dimension Configure WatchGuard Dimension Use WatchGuard Dimension

More information

HP A-IMC Firewall Manager

HP A-IMC Firewall Manager HP A-IMC Firewall Manager Configuration Guide Part number: 5998-2267 Document version: 6PW101-20110805 Legal and notice information Copyright 2011 Hewlett-Packard Development Company, L.P. No part of this

More information

Lab 8.4.2 Configuring Access Policies and DMZ Settings

Lab 8.4.2 Configuring Access Policies and DMZ Settings Lab 8.4.2 Configuring Access Policies and DMZ Settings Objectives Log in to a multi-function device and view security settings. Set up Internet access policies based on IP address and application. Set

More information

Guideline for setting up a functional VPN

Guideline for setting up a functional VPN Guideline for setting up a functional VPN Why do I want a VPN? VPN by definition creates a private, trusted network across an untrusted medium. It allows you to connect offices and people from around the

More information

Load Balancing Router. User s Guide

Load Balancing Router. User s Guide Load Balancing Router User s Guide TABLE OF CONTENTS 1: INTRODUCTION... 1 Internet Features... 1 Other Features... 3 Package Contents... 4 Physical Details... 4 2: BASIC SETUP... 8 Overview... 8 Procedure...

More information

Quick Start Guide. RV 120W Wireless-N VPN Firewall. Cisco Small Business

Quick Start Guide. RV 120W Wireless-N VPN Firewall. Cisco Small Business Quick Start Guide Cisco Small Business RV 120W Wireless-N VPN Firewall Package Contents Wireless-N VPN Firewall Ethernet Cable Power Adapter Quick Start Guide Documentation and Software on CD-ROM Welcome

More information

Multi-Homing Gateway. User s Manual

Multi-Homing Gateway. User s Manual Multi-Homing Gateway User s Manual Contents System 5 Admin Setting Date/Time Multiple Subnet Hack Alert Route Table DHCP DNS Proxy Dynamic DNS Language Permitted IPs Logout Software Update 8 12 21 22 33

More information

SuperLumin Nemesis. Administration Guide. February 2011

SuperLumin Nemesis. Administration Guide. February 2011 SuperLumin Nemesis Administration Guide February 2011 SuperLumin Nemesis Legal Notices Information contained in this document is believed to be accurate and reliable. However, SuperLumin assumes no responsibility

More information

Configuring PA Firewalls for a Layer 3 Deployment

Configuring PA Firewalls for a Layer 3 Deployment Configuring PA Firewalls for a Layer 3 Deployment Configuring PAN Firewalls for a Layer 3 Deployment Configuration Guide January 2009 Introduction The following document provides detailed step-by-step

More information

Innominate mguard Version 6

Innominate mguard Version 6 Innominate mguard Version 6 Configuration Examples mguard smart mguard PCI mguard blade mguard industrial RS EAGLE mguard mguard delta Innominate Security Technologies AG Albert-Einstein-Str. 14 12489

More information

Wireless Router Setup Manual

Wireless Router Setup Manual Wireless Router Setup Manual NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA 208-10082-02 2006-04 2006 by NETGEAR, Inc. All rights reserved. Trademarks NETGEAR is a trademark of Netgear,

More information

Step-by-Step Secure Wireless for Home / Small Office and Small Organizations

Step-by-Step Secure Wireless for Home / Small Office and Small Organizations Step-by-Step Secure Wireless for Home / Small Office and Small Organizations Microsoft Corporation Published: October 2005 Author: Brit Weston Editor: Allyson Adley Abstract This white paper presents two

More information